package com.myworld.controller;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * 授权方法说明:
 */
@RestController
@RequestMapping("/auth")
public class AuthController {
    private final Logger logger= LoggerFactory.getLogger(getClass());

    /**
     * spring security oauth2 授权方法使用:
     *  @PreAuthorize：授权方法注解
     */
    @PreAuthorize("hasAuthority('my_sysmanager')")
    @GetMapping("/authMethod")
    public String mySysmanager(){
        logger.info("方法授权成功...........");
        return "方法授权成功返回";
    }

    /**
     * 此方法未被授权,无法返回
     * @return
     */
    @PreAuthorize("hasAuthority('no_my_sysmanager')")
    @GetMapping("/noAuthMethod")
    public String noMySysmanager(){
        logger.info("方法授权不成功，调用代表存在问题...........");
        return "方法授权不成功，调用代表存在问题";
    }


}
